Dynamic Anomaly Detection for More Trustworthy Outsourced Computation

Alsouri, Sami ; Sinschek, Jan ; Sewe, Andreas ; Bodden, Eric ; Mezini, Mira ; Katzenbeisser, Stefan :
Dynamic Anomaly Detection for More Trustworthy Outsourced Computation.
[Online-Edition: http://dx.doi.org/10.1007/978-3-642-33383-5_11]
In: 15th International Conference on Information Security, 19-21 Sep 2012, Passau, Germany. In: Lecture Notes in Computer Science (ISSN 0302-9743), 7483.
[Conference or Workshop Item], (2012)

Official URL: http://dx.doi.org/10.1007/978-3-642-33383-5_11

Abstract

A hybrid cloud combines a trusted private cloud with a public cloud owned by an untrusted cloud provider. This is problematic: When a hybrid cloud shifts computation from its private to its public part, it must trust the public part to execute the computation as intended. We show how public-cloud providers can use dynamic anomaly detection to increase their clients’ trust in outsourced computations. The client first defines the computation’s reference behavior by running an automated dynamic analysis in the private cloud. The cloud provider then generates an application profile when executing the outsourced computation for its client, persisted in tamper-proof storage. When in doubt, the client checks the profile against the recorded reference behavior. False positives are identified by re-executing the dubious computation in the trusted private cloud, and are used to refine the description of the reference behavior. The approach is fully automated. Using 3,000 harmless and 118 malicious inputs to different Java applications, we show that our approach is effective. In particular, different characterizations of behavior can yield anything from low numbers of false positives to low numbers of false negatives, effectively trading trustworthiness for computation cost in the private cloud.

Item type: Conference or Workshop Item (Not specified)
Published: 2012
Author(s): Alsouri, Sami ; Sinschek, Jan ; Sewe, Andreas ; Bodden, Eric ; Mezini, Mira ; Katzenbeisser, Stefan
Title: Dynamic Anomaly Detection for More Trustworthy Outsourced Computation
Language: English
Book title: Information Security
Series: Lecture Notes in Computer Science
Volume: 7483
Keywords: Cloud security, dependability, dynamic analysis, anomaly detection, hybrid clouds
Department(s)/Division(s): Department of Computer Science > Security Engineering - Sicherheit in der Informationstechnik
Department of Computer Science > Software Technology
Central Facilities > CASED
Central Facilities > EC SPRIDE > Secure Software Engineering
Central Facilities > EC SPRIDE
Department of Computer Science
Central Facilities
Event title: 15th International Conference on Information Security
Event location: Passau, Germany
Event date: 19-21 Sep 2012
Date deposited: 12 Sep 2012 14:49
Official URL: http://dx.doi.org/10.1007/978-3-642-33383-5_11
ID number: 10.1007/978-3-642-33383-5_11